Comply with linting on proxy setup
This commit is contained in:
parent
598359854f
commit
a2e60972c7
GPG Key ID:
3EDA9C3441EDA925
@ -5,7 +5,12 @@
|
|||||||
listen: rebuild_bitwarden
|
listen: rebuild_bitwarden
|
||||||
|
|
||||||
- name: Rebuild Bitwarden
|
- name: Rebuild Bitwarden
|
||||||
ansible.builtin.shell: "{{ bitwarden_root }}/bitwarden.sh rebuild"
|
ansible.builtin.command: "{{ bitwarden_root }}/bitwarden.sh rebuild"
|
||||||
|
listen: rebuild_bitwarden
|
||||||
|
|
||||||
|
- name: Reload systemd manager configuration
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
daemon_reload: true
|
||||||
listen: rebuild_bitwarden
|
listen: rebuild_bitwarden
|
||||||
|
|
||||||
- name: Start Bitwarden after rebuild
|
- name: Start Bitwarden after rebuild
|
||||||
@ -14,3 +19,10 @@
|
|||||||
state: started
|
state: started
|
||||||
enabled: true
|
enabled: true
|
||||||
listen: rebuild_bitwarden
|
listen: rebuild_bitwarden
|
||||||
|
|
||||||
|
- name: Create Bitwarden's initial log file
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: "{{ bitwarden_logs_identity }}/{{ bitwarden_logs_identity_date }}.txt"
|
||||||
|
state: touch
|
||||||
|
mode: "644"
|
||||||
|
listen: touch_bitwarden
|
||||||
|
|||||||
@ -7,6 +7,7 @@
|
|||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ bitwarden_root }}"
|
path: "{{ bitwarden_root }}"
|
||||||
state: directory
|
state: directory
|
||||||
|
mode: "755"
|
||||||
|
|
||||||
- name: Download Bitwarden script
|
- name: Download Bitwarden script
|
||||||
ansible.builtin.get_url:
|
ansible.builtin.get_url:
|
||||||
@ -22,7 +23,7 @@
|
|||||||
mode: u+x
|
mode: u+x
|
||||||
|
|
||||||
- name: Run Bitwarden installation script
|
- name: Run Bitwarden installation script
|
||||||
ansible.builtin.shell: "{{ bitwarden_root }}/bw_wrapper"
|
ansible.builtin.command: "{{ bitwarden_root }}/bw_wrapper"
|
||||||
args:
|
args:
|
||||||
creates: "{{ bitwarden_root }}/bwdata/config.yml"
|
creates: "{{ bitwarden_root }}/bwdata/config.yml"
|
||||||
|
|
||||||
@ -30,6 +31,7 @@
|
|||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: compose.override.yml.j2
|
src: compose.override.yml.j2
|
||||||
dest: "{{ bitwarden_root }}/bwdata/docker/docker-compose.override.yml"
|
dest: "{{ bitwarden_root }}/bwdata/docker/docker-compose.override.yml"
|
||||||
|
mode: "644"
|
||||||
when: bitwarden_override | default(true)
|
when: bitwarden_override | default(true)
|
||||||
notify: rebuild_bitwarden
|
notify: rebuild_bitwarden
|
||||||
|
|
||||||
@ -76,6 +78,7 @@
|
|||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: bitwarden.service.j2
|
src: bitwarden.service.j2
|
||||||
dest: "/etc/systemd/system/{{ bitwarden_name }}.service"
|
dest: "/etc/systemd/system/{{ bitwarden_name }}.service"
|
||||||
|
mode: "644"
|
||||||
register: bitwarden_systemd
|
register: bitwarden_systemd
|
||||||
notify: rebuild_bitwarden
|
notify: rebuild_bitwarden
|
||||||
|
|
||||||
@ -83,22 +86,12 @@
|
|||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ bitwarden_logs_identity }}"
|
path: "{{ bitwarden_logs_identity }}"
|
||||||
state: directory
|
state: directory
|
||||||
register: bitwarden_logs
|
mode: "755"
|
||||||
|
notify: touch_bitwarden
|
||||||
- name: Create Bitwarden's initial log file
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ bitwarden_logs_identity }}/{{ bitwarden_logs_identity_date }}.txt"
|
|
||||||
state: touch
|
|
||||||
when: bitwarden_logs.changed
|
|
||||||
|
|
||||||
- name: Install Bitwarden's Fail2ban jail
|
- name: Install Bitwarden's Fail2ban jail
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: fail2ban-jail.conf.j2
|
src: fail2ban-jail.conf.j2
|
||||||
dest: /etc/fail2ban/jail.d/bitwarden.conf
|
dest: /etc/fail2ban/jail.d/bitwarden.conf
|
||||||
|
mode: "640"
|
||||||
notify: restart_fail2ban
|
notify: restart_fail2ban
|
||||||
|
|
||||||
- name: Reload systemd manager configuration
|
|
||||||
ansible.builtin.systemd:
|
|
||||||
daemon_reload: true
|
|
||||||
when: bitwarden_systemd.changed
|
|
||||||
notify: rebuild_bitwarden
|
|
||||||
|
|||||||
@ -21,6 +21,7 @@
|
|||||||
- name: Create git's .ssh directory
|
- name: Create git's .ssh directory
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: /home/git/.ssh
|
path: /home/git/.ssh
|
||||||
|
mode: "700"
|
||||||
state: directory
|
state: directory
|
||||||
|
|
||||||
- name: Generate git's SSH keys
|
- name: Generate git's SSH keys
|
||||||
@ -40,6 +41,7 @@
|
|||||||
- name: Create git's authorized_keys file
|
- name: Create git's authorized_keys file
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: /home/git/.ssh/authorized_keys
|
path: /home/git/.ssh/authorized_keys
|
||||||
|
mode: "600"
|
||||||
state: touch
|
state: touch
|
||||||
when: not git_authkeys.stat.exists
|
when: not git_authkeys.stat.exists
|
||||||
|
|
||||||
@ -53,21 +55,24 @@
|
|||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: gitea.sh.j2
|
src: gitea.sh.j2
|
||||||
dest: /usr/local/bin/gitea
|
dest: /usr/local/bin/gitea
|
||||||
mode: 0755
|
mode: "755"
|
||||||
|
|
||||||
- name: Create Gitea's logging directory
|
- name: Create Gitea's logging directory
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
name: /var/log/gitea
|
name: /var/log/gitea
|
||||||
state: directory
|
state: directory
|
||||||
|
mode: "755"
|
||||||
|
|
||||||
- name: Install Gitea's Fail2ban filter
|
- name: Install Gitea's Fail2ban filter
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: fail2ban-filter.conf.j2
|
src: fail2ban-filter.conf.j2
|
||||||
dest: /etc/fail2ban/filter.d/gitea.conf
|
dest: /etc/fail2ban/filter.d/gitea.conf
|
||||||
|
mode: "644"
|
||||||
notify: restart_fail2ban
|
notify: restart_fail2ban
|
||||||
|
|
||||||
- name: Install Gitea's Fail2ban jail
|
- name: Install Gitea's Fail2ban jail
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: fail2ban-jail.conf.j2
|
src: fail2ban-jail.conf.j2
|
||||||
dest: /etc/fail2ban/jail.d/gitea.conf
|
dest: /etc/fail2ban/jail.d/gitea.conf
|
||||||
|
mode: "640"
|
||||||
notify: restart_fail2ban
|
notify: restart_fail2ban
|
||||||
|
|||||||
@ -6,7 +6,7 @@
|
|||||||
listen: restart_mariadb
|
listen: restart_mariadb
|
||||||
|
|
||||||
- name: Set MariaDB as restarted
|
- name: Set MariaDB as restarted
|
||||||
set_fact:
|
ansible.builtin.set_fact:
|
||||||
mariadb_restarted: true
|
mariadb_restarted: true
|
||||||
when: not mariadb_restarted
|
when: not mariadb_restarted
|
||||||
listen: restart_mariadb
|
listen: restart_mariadb
|
||||||
|
|||||||
@ -4,7 +4,7 @@
|
|||||||
state: present
|
state: present
|
||||||
|
|
||||||
- name: Set MariaDB restarted fact
|
- name: Set MariaDB restarted fact
|
||||||
set_fact:
|
ansible.builtin.set_fact:
|
||||||
mariadb_restarted: false
|
mariadb_restarted: false
|
||||||
|
|
||||||
- name: Regather facts for the potentially new docker0 interface
|
- name: Regather facts for the potentially new docker0 interface
|
||||||
|
|||||||
@ -12,4 +12,4 @@
|
|||||||
ansible.builtin.service:
|
ansible.builtin.service:
|
||||||
name: nginx
|
name: nginx
|
||||||
state: reloaded
|
state: reloaded
|
||||||
listen: reload_nginx
|
listen: reload_nginx
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user